Pretty basic AnyConnect config, GroupPolicy:
group-policy XXXX attributes
dns-server value <DNS1> <DNS2>
vpn-filter value <FILTER>
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <SPLIT_POLICY>
default-domain value company.local
When client is connected, domain suffix company.local is added to each and every FQDN request, like when doing "nslookup cisco.com", it would try sending cisco.com.company.local as first request to DNS and then followed by normal cisco.com. If doing some non-FQDN lookup - that would bexpected, as lets say "nslookup internal" would translate to internal.company.local and that is fine.
Is this expected given I've checked at least one other deployment and I'm not seeing the same?
ASA 9.6(4)30, AnyConnect 4.8.03052.